1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
use ffi;
use std::ptr;
use std::ffi::CString;
use cvt;
use pkey::PKey;
use error::ErrorStack;
use x509::X509;
use types::{OpenSslType, OpenSslTypeRef};
use stack::Stack;
type_!(Pkcs12, Pkcs12Ref, ffi::PKCS12, ffi::PKCS12_free);
impl Pkcs12Ref {
pub fn parse(&self, pass: &str) -> Result<ParsedPkcs12, ErrorStack> {
unsafe {
let pass = CString::new(pass).unwrap();
let mut pkey = ptr::null_mut();
let mut cert = ptr::null_mut();
let mut chain = ptr::null_mut();
try!(cvt(ffi::PKCS12_parse(self.as_ptr(),
pass.as_ptr(),
&mut pkey,
&mut cert,
&mut chain)));
let pkey = PKey::from_ptr(pkey);
let cert = X509::from_ptr(cert);
let chain = Stack::from_ptr(chain);
Ok(ParsedPkcs12 {
pkey: pkey,
cert: cert,
chain: chain,
})
}
}
}
impl Pkcs12 {
from_der!(Pkcs12, ffi::d2i_PKCS12);
}
pub struct ParsedPkcs12 {
pub pkey: PKey,
pub cert: X509,
pub chain: Stack<X509>,
}
#[cfg(test)]
mod test {
use hash::MessageDigest;
use hex::ToHex;
use super::*;
#[test]
fn parse() {
let der = include_bytes!("../test/identity.p12");
let pkcs12 = Pkcs12::from_der(der).unwrap();
let parsed = pkcs12.parse("mypass").unwrap();
assert_eq!(parsed.cert.fingerprint(MessageDigest::sha1()).unwrap().to_hex(),
"59172d9313e84459bcff27f967e79e6e9217e584");
assert_eq!(parsed.chain.len(), 1);
assert_eq!(parsed.chain[0].fingerprint(MessageDigest::sha1()).unwrap().to_hex(),
"c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875");
}
}